Privacy Policy
Effective Date: December 8, 2025 | Last Updated: December 8, 2025
Important Notice: This service uses artificial intelligence (AI) and machine learning models to process your resume data. Please read Section 5 carefully to understand how your data is processed by AI systems.
1. Overview
Smart ATS Resume, operated by Sidewayz AiT Solutions ("we," "us," or "our"), is committed to protecting your privacy and ensuring transparency about how we handle your personal information. This Privacy Policy explains how we collect, use, disclose, store, and safeguard your information when you use our website and services at smartatsresume.com.
By using our services, you acknowledge that you have read, understood, and agree to this Privacy Policy. If you do not agree with our policies and practices, please do not use our services.
2. Information We Collect
We collect several types of information from and about users of our service:
2.1 Personal Information You Provide
- Account Information: Name, email address, and profile picture (when signing in via Google OAuth)
- Resume Content: Full name, contact information, work history, education, skills, certifications, and any other information you include in your resume
- Job Application Data: Target job descriptions, job titles, and company names you provide for optimization
- Payment Information: Billing address and payment method details (processed securely by Stripe; we do not store full credit card numbers)
- Communications: Any messages, feedback, or support requests you send to us
2.2 Information Collected Automatically
- Device Information: Browser type, operating system, device identifiers, and screen resolution
- Usage Data: Pages visited, features used, time spent on pages, and clickstream data
- Log Data: IP address, access times, referring URLs, and error logs
- Location Data: Approximate geographic location derived from IP address (country/region level only)
3. How We Use Your Information
We use the information we collect for the following purposes:
- Service Delivery: To provide, maintain, and improve our resume-building and ATS optimization services
- AI Processing: To analyze your resume using artificial intelligence models for ATS scoring, keyword optimization, and content suggestions (see Section 5)
- Authentication: To verify your identity and enable secure sign-in via Google OAuth or email
- Personalization: To customize your experience based on your preferences and usage patterns
- Payment Processing: To process subscription payments and manage billing through Stripe
- Communication: To send service-related notifications, updates, and promotional materials (with your consent)
- Analytics: To analyze usage trends and improve our platform's performance and features
- Legal Compliance: To comply with applicable laws, regulations, and legal processes
4. Legal Basis for Processing (GDPR)
For users in the European Economic Area (EEA) and UK, we process your personal data based on the following legal grounds:
- Contract Performance: Processing necessary to provide the services you requested
- Legitimate Interests: Processing for our legitimate business interests, such as improving our services and preventing fraud
- Consent: Processing based on your explicit consent, which you may withdraw at any time
- Legal Obligation: Processing required to comply with applicable laws
🤖 5. Artificial Intelligence and Data Processing
Smart ATS Resume uses artificial intelligence (AI) and machine learning technologies to enhance our services. This section explains how AI processes your data.
5.1 AI Technologies Used
We utilize the following AI services to process your resume and provide our features:
- OpenAI GPT Models: We use OpenAI's GPT-4 and GPT-4o-mini models to generate resume content, bullet points, professional summaries, and optimization suggestions
- ATS Scoring Algorithms: Our proprietary algorithms analyze your resume structure, keywords, and formatting for ATS compatibility
- Natural Language Processing (NLP): We use NLP techniques to extract keywords, analyze job descriptions, and match skills
5.2 Data Sent to AI Providers
When you use AI-powered features, the following data may be sent to our AI providers:
- Resume content (work history, skills, education, achievements)
- Job titles and descriptions you provide for tailored optimization
- Text you input for AI-generated suggestions or improvements
Important: We do NOT send your email address, password, payment information, or government-issued identification numbers to AI providers. Only resume-related content necessary for the requested feature is transmitted.
5.3 AI Provider Data Handling
Our primary AI provider, OpenAI, handles data according to their policies:
- Data sent via API is not used to train OpenAI's models (per OpenAI's API data usage policy)
- OpenAI retains API data for up to 30 days for abuse monitoring, then deletes it
- All data transmission is encrypted using TLS 1.2+
- For more details, see OpenAI's Privacy Policy
5.4 AI Response Caching
To improve performance and reduce costs, we cache AI-generated responses in our database for up to 30 days. Cached data includes:
- A hash of the original prompt (not the full text)
- The AI-generated response
- Timestamp and expiration date
Cached responses are automatically deleted after 30 days. You can request immediate deletion by contacting us.
5.5 Your Rights Regarding AI Processing
You have the following rights regarding AI processing of your data:
- Opt-Out: You may choose not to use AI-powered features. Basic resume building is available without AI.
- Transparency: You can request information about how AI was used to process your specific data
- Human Review: You can request human review of any AI-generated content or decisions
- Deletion: You can request deletion of all AI-processed data associated with your account
6. Information Sharing and Disclosure
We do NOT sell, rent, or trade your personal information to third parties. We may share your information only in the following circumstances:
6.1 Service Providers
We share data with trusted third-party service providers who assist us in operating our platform:
- Supabase: Database hosting, authentication, and data storage
- Stripe: Payment processing and subscription management
- Google: OAuth authentication services
- OpenAI: AI-powered content generation (see Section 5)
- Vercel: Website hosting and content delivery
6.2 Legal Requirements
We may disclose your information if required by law, court order, or government regulation, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
📦 7. Data Retention Policy
We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy. Below are our specific retention periods:
| Data Type | Retention Period | Reason |
|---|---|---|
| Account Information | Until account deletion + 30 days | Account recovery grace period |
| Resume Content | Until account deletion + 30 days | Service delivery and recovery |
| AI-Generated Content | Until account deletion | User access to generated content |
| AI Response Cache | 30 days from generation | Performance optimization |
| Payment Records | 7 years from transaction | Legal and tax compliance |
| Usage Logs | 90 days | Security and debugging |
| Support Communications | 3 years from last interaction | Customer service quality |
| Analytics Data | 26 months (anonymized) | Service improvement |
7.1 Account Deletion
When you delete your account, we initiate a 30-day grace period during which your data is retained but inaccessible. After this period, we permanently delete:
- All resume content and versions
- Profile information and preferences
- AI-generated content associated with your account
- Authentication tokens and session data
Note: Payment records are retained for 7 years as required by tax and financial regulations. These records are stored securely by Stripe and contain minimal personal information.
7.2 Data Portability
You can export your resume data at any time in PDF or JSON format. To request a complete export of all your personal data, contact us at privacy@smartatsresume.com.
8. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to enhance your experience:
8.1 Types of Cookies
- Essential Cookies: Required for authentication and core functionality (cannot be disabled)
- Functional Cookies: Remember your preferences and settings
- Analytics Cookies: Help us understand how users interact with our site (Google Analytics)
- Performance Cookies: Monitor site performance and identify issues
You can manage cookie preferences through your browser settings. Disabling certain cookies may affect site functionality.
9. Data Security
We implement robust security measures to protect your information:
- Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
- Access Controls: Strict role-based access to personal data
- Infrastructure: Hosted on secure, SOC 2 compliant infrastructure (Supabase, Vercel)
- Authentication: Secure OAuth 2.0 implementation with token encryption
- Monitoring: 24/7 security monitoring and intrusion detection
While we strive to protect your data, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.
10. Your Privacy Rights
Depending on your location, you may have the following rights:
10.1 All Users
- Access: Request a copy of your personal data
- Correction: Request correction of inaccurate data
- Deletion: Request deletion of your personal data
- Portability: Receive your data in a machine-readable format
10.2 EEA/UK Residents (GDPR)
- Right to restrict processing
- Right to object to processing
- Right to withdraw consent
- Right to lodge a complaint with a supervisory authority
10.3 California Residents (CCPA/CPRA)
- Right to know what personal information is collected
- Right to know if personal information is sold or shared
- Right to opt-out of sale of personal information (we do not sell data)
- Right to non-discrimination for exercising your rights
To exercise any of these rights, contact us at privacy@smartatsresume.com. We will respond within 30 days.
11. International Data Transfers
Our services are hosted in the United States. If you access our services from outside the US, your data may be transferred to and processed in the US. We ensure appropriate safeguards are in place for international transfers, including Standard Contractual Clauses (SCCs) where required.
12. Children's Privacy
Smart ATS Resume is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If we discover that we have collected data from a child under 16, we will delete it immediately. If you believe we have collected information from a child, please contact us at privacy@smartatsresume.com.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a prominent notice on our website and updating the "Last Updated" date. For material changes, we will send an email notification to registered users. Your continued use of the service after changes become effective constitutes acceptance of the updated policy.
14. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Sidewayz AiT Solutions
Email: privacy@smartatsresume.com
General Support: support@smartatsresume.com
Response time: Within 30 days for privacy-related requests
© 2026 Sidewayz AiT Solutions. All rights reserved.